From bb343fdb616a1dbf5a5c43b89280ccb892d3473b Mon Sep 17 00:00:00 2001 From: Georgi Gerganov Date: Tue, 22 Apr 2025 11:54:59 +0300 Subject: [PATCH 1/2] security : add note about RPC functionality --- SECURITY.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 6a1bb6c32cd8e..a9be00d61cf47 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -40,8 +40,9 @@ To protect sensitive data from potential leaks or unauthorized access, it is cru ### Untrusted environments or networks If you can't run your models in a secure and isolated environment or if it must be exposed to an untrusted network, make sure to take the following security precautions: -* Confirm the hash of any downloaded artifact (e.g. pre-trained model weights) matches a known-good value +* Confirm the hash of any downloaded artifact (e.g. pre-trained model weights) matches a known-good value. * Encrypt your data if sending it over the network. +* Do not use the RPC backend and [rpc-server](https://github.com/ggml-org/llama.cpp/tree/master/examples/rpc) functionality. ### Multi-Tenant environments From bb5e22899fd38cb009a60d9f4a6c406fface78b7 Mon Sep 17 00:00:00 2001 From: Georgi Gerganov Date: Tue, 22 Apr 2025 15:39:19 +0300 Subject: [PATCH 2/2] security : add note about llama-server --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index a9be00d61cf47..9370fb1a88321 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -40,9 +40,9 @@ To protect sensitive data from potential leaks or unauthorized access, it is cru ### Untrusted environments or networks If you can't run your models in a secure and isolated environment or if it must be exposed to an untrusted network, make sure to take the following security precautions: +* Do not use the RPC backend, [rpc-server](https://github.com/ggml-org/llama.cpp/tree/master/examples/rpc) and [llama-server](https://github.com/ggml-org/llama.cpp/tree/master/examples/server) functionality (see https://github.com/ggml-org/llama.cpp/pull/13061). * Confirm the hash of any downloaded artifact (e.g. pre-trained model weights) matches a known-good value. * Encrypt your data if sending it over the network. -* Do not use the RPC backend and [rpc-server](https://github.com/ggml-org/llama.cpp/tree/master/examples/rpc) functionality. ### Multi-Tenant environments
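Review bot: In PATCH 1/2, the added bullet "* Do not use the RPC backend and [rpc-server](…) functionality." states a prohibition with no reason attached, so a reader of SECURITY.md cannot tell what the risk is or whether it applies to their deployment. Suggest adding a short clause on why the RPC backend and rpc-server are unsuitable for untrusted environments or networks, or linking to the discussion that motivates it. The same hunk also adds a trailing period to the "Confirm the hash" bullet; that is fine, but it is unrelated to the subject line and could be mentioned in the commit message.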
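Review bot: In PATCH 2/2, the rewritten first bullet now extends "Do not use" to llama-server, and its only justification is the bare URL in "(see https://github.com/ggml-org/llama.cpp/pull/13061)", while the other references on the same line are Markdown links. Suggest linking the PR in the same style and adding a few words in the bullet itself on what the concern is, so the guidance stands on its own without following the link. The section intro addresses the case where the deployment "must be exposed to an untrusted network", so it would also help to say whether the bullet means these components should never be used in that case or only not exposed directly. The list "the RPC backend, rpc-server and llama-server functionality" would also read more clearly if "functionality" were dropped or attached to each item.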